61sf2gaf(
const unsigned int getaddr_flags,
const unsigned int sockflags)
78 unsigned int *netbits,
int resolve_retry_seconds,
struct signal_info *sig_info,
81 char *endp, *sep, *var_host = NULL;
82 struct addrinfo *ai = NULL;
103 max_bits =
sizeof(
struct in6_addr) * 8;
107 msg(
M_WARN,
"Unsupported AF family passed to getaddrinfo for %s (%d)", hostname, af);
116 var_host = strdup(hostname);
124 sep = strchr(var_host,
'/');
127 bits = strtoul(sep + 1, &endp, 10);
128 if ((*endp !=
'\0') || (bits > max_bits))
130 msg(msglevel,
"IP prefix '%s': invalid '/bits' spec (%s)", hostname, sep + 1);
138 if ((ret == 0) && network)
140 struct in6_addr *ip6;
143 if (af != ai->ai_family)
145 msg(msglevel,
"Can't parse %s as IPv%d address", var_host, (af == AF_INET) ? 4 : 6);
154 *ip4 = ((
struct sockaddr_in *)ai->ai_addr)->sin_addr.s_addr;
164 *ip6 = ((
struct sockaddr_in6 *)ai->ai_addr)->sin6_addr;
169 msg(
M_WARN,
"Unsupported AF family for %s (%d)", var_host, af);
176 *netbits = (
unsigned int)bits;
195getaddr(
unsigned int flags,
const char *hostname,
int resolve_retry_seconds,
bool *succeeded,
222get_ipv6_addr(
const char *hostname,
struct in6_addr *network,
unsigned int *netbits,
237 if (a == NULL && b == NULL)
241 else if (a == NULL || b == NULL)
257 int ai_family,
unsigned int resolve_flags,
struct addrinfo **ai)
265 for (ph = dns_cache; ph; ph = ph->
next)
280 const unsigned int flags)
330 for (
int i = 0;
i <
l->len; ++
i)
392 flags &= ~GETADDR_RANDOMIZE;
421 socklen_t len =
sizeof(val);
423 if (getsockopt(sd, SOL_SOCKET, SO_SNDBUF, (
void *)&val, &len) == 0 && len ==
sizeof(val))
433 if (setsockopt(sd, SOL_SOCKET, SO_SNDBUF, (
void *)&size,
sizeof(size)) != 0)
435 msg(
M_WARN,
"NOTE: setsockopt SO_SNDBUF=%d failed", size);
443 socklen_t len =
sizeof(val);
445 if (getsockopt(sd, SOL_SOCKET, SO_RCVBUF, (
void *)&val, &len) == 0 && len ==
sizeof(val))
455 if (setsockopt(sd, SOL_SOCKET, SO_RCVBUF, (
void *)&size,
sizeof(size)) != 0)
457 msg(
M_WARN,
"NOTE: setsockopt SO_RCVBUF=%d failed", size);
469 if (sbs->
sndbuf && (reduce_size || sndbuf_old < sbs->sndbuf))
474 if (sbs->
rcvbuf && (reduce_size || rcvbuf_old < sbs->rcvbuf))
491#if defined(_WIN32) || (defined(IPPROTO_TCP) && defined(TCP_NODELAY))
492 if (setsockopt(sd, IPPROTO_TCP, TCP_NODELAY, (
void *)&state,
sizeof(state)) != 0)
494 msg(
M_WARN,
"NOTE: setsockopt TCP_NODELAY=%d failed", state);
499 dmsg(
D_OSBUF,
"Socket flags: TCP_NODELAY=%d succeeded", state);
503 msg(
M_WARN,
"NOTE: setsockopt TCP_NODELAY=%d failed (No kernel support)", state);
511#if defined(TARGET_LINUX)
512 if (mark && setsockopt(sd, SOL_SOCKET, SO_MARK, (
void *)&mark,
sizeof(mark)) != 0)
514 msg(
M_WARN,
"NOTE: setsockopt SO_MARK=%d failed", mark);
569 ASSERT(addrinfo->ai_socktype == SOCK_STREAM);
571 if ((sd = socket(addrinfo->ai_family, addrinfo->ai_socktype, addrinfo->ai_protocol))
574 msg(
M_ERR,
"Cannot create TCP socket");
581 if (setsockopt(sd, SOL_SOCKET, SO_REUSEADDR, (
void *)&on,
sizeof(on)) < 0)
583 msg(
M_ERR,
"TCP: Cannot setsockopt SO_REUSEADDR on TCP socket");
601 ASSERT(addrinfo->ai_socktype == SOCK_DGRAM);
603 if ((sd = socket(addrinfo->ai_family, addrinfo->ai_socktype, addrinfo->ai_protocol))
606 msg(
M_ERR,
"UDP: Cannot create UDP/UDP6 socket");
612 if (addrinfo->ai_family == AF_INET)
614#if defined(HAVE_IN_PKTINFO) && defined(HAVE_IPI_SPEC_DST)
615 if (setsockopt(sd,
SOL_IP, IP_PKTINFO, (
void *)&pad,
sizeof(pad)) < 0)
617 msg(
M_ERR,
"UDP: failed setsockopt for IP_PKTINFO");
619#elif defined(IP_RECVDSTADDR)
620 if (setsockopt(sd, IPPROTO_IP, IP_RECVDSTADDR, (
void *)&pad,
sizeof(pad)) < 0)
622 msg(
M_ERR,
"UDP: failed setsockopt for IP_RECVDSTADDR");
625#error ENABLE_IP_PKTINFO is set without IP_PKTINFO xor IP_RECVDSTADDR (fix syshead.h)
628 else if (addrinfo->ai_family == AF_INET6)
630#ifndef IPV6_RECVPKTINFO
631 if (setsockopt(sd, IPPROTO_IPV6, IPV6_PKTINFO, (
void *)&pad,
sizeof(pad)) < 0)
633 if (setsockopt(sd, IPPROTO_IPV6, IPV6_RECVPKTINFO, (
void *)&pad,
sizeof(pad)) < 0)
636 msg(
M_ERR,
"UDP: failed setsockopt for IPV6_RECVPKTINFO");
667#if defined(__GNUC__) || defined(__clang__)
668#pragma GCC diagnostic push
669#pragma GCC diagnostic ignored "-Wconversion"
675 if (addr->ai_protocol == IPPROTO_UDP || addr->ai_socktype == SOCK_DGRAM)
687 struct addrinfo addrinfo_tmp = *addr;
688 addrinfo_tmp.ai_socktype = SOCK_STREAM;
689 addrinfo_tmp.ai_protocol = IPPROTO_TCP;
693 else if (addr->ai_protocol == IPPROTO_TCP || addr->ai_socktype == SOCK_STREAM)
703 sock->
info.
af = addr->ai_family;
711#if defined(TARGET_LINUX)
715 if (setsockopt(sock->
sd, SOL_SOCKET, SO_BINDTODEVICE, sock->
bind_dev,
727#if defined(__GNUC__) || defined(__clang__)
728#pragma GCC diagnostic pop
733protect_fd_nonlocal(
int fd,
const struct sockaddr *addr)
737 msg(
M_FATAL,
"Required management interface not available.");
751 management_android_control(
management,
"PROTECTFD", __func__);
760 bool do_set_nonblock)
766 msg(
M_INFO,
"Listening for incoming TCP connection on %s",
791 socklen_t remote_len =
sizeof(act->
dest.
addr);
798 new_sd = getpeername(sd, &act->
dest.
addr.
sa, &remote_len);
811 new_sd = accept(sd, &act->
dest.
addr.
sa, &remote_len);
830 else if (remote_len_af && remote_len != remote_len_af)
833 "TCP: Received strange incoming connection with unknown address length=%d", remote_len);
856 const struct addrinfo *local,
bool do_listen,
857 bool nowait,
volatile int *signal_received)
879 if (*signal_received)
907 msg(
M_ERR,
"TCP: close socket failed (sd)");
929 struct addrinfo *cur;
935 for (cur = local; cur; cur = cur->ai_next)
937 if (cur->ai_family == ai_family)
944 msg(
M_FATAL,
"%s: Socket bind failed: Addr to bind has no %s record", prefix,
948 if (ai_family == AF_INET6)
950 int v6only = ipv6only ? 1 : 0;
952 msg(
M_INFO,
"setsockopt(IPV6_V6ONLY=%d)", v6only);
953 if (setsockopt(sd, IPPROTO_IPV6, IPV6_V6ONLY, (
void *)&v6only,
sizeof(v6only)))
968 volatile int *signal_received)
973 protect_fd_nonlocal(sd, remote);
992 struct pollfd fds[1];
994 fds[0].events = POLLOUT;
995 status = poll(fds, 1, (connect_timeout > 0) ? 1000 : 0);
1002 tv.tv_sec = (connect_timeout > 0) ? 1 : 0;
1007 if (signal_received)
1010 if (*signal_received)
1023 if (--connect_timeout < 0)
1042 if (getsockopt(sd, SOL_SOCKET, SO_ERROR, (
void *)&val, &len) == 0
1043 && len ==
sizeof(val))
1065 if (ai->ai_family == AF_INET)
1067 actual->
dest.
addr.
in4 = *((
struct sockaddr_in *)ai->ai_addr);
1069 else if (ai->ai_family == AF_INET6)
1071 actual->
dest.
addr.
in6 = *((
struct sockaddr_in6 *)ai->ai_addr);
1088#ifdef ENABLE_MANAGEMENT
1162#if defined(__GNUC__) || defined(__clang__)
1163#pragma GCC diagnostic push
1164#pragma GCC diagnostic ignored "-Wconversion"
1220 volatile int *signal_received = sig_info ? &sig_info->
signal_received : NULL;
1228 unsigned int flags =
1232 struct addrinfo *ai;
1246 else if (phase == 1)
1258 else if (phase == 2)
1277 sock->
info.
af, flags, &ai);
1281 sig_info, sock->
info.
af, &ai);
1290 flags, phase, retry, signal_received ? *signal_received : -1,
status);
1292 if (signal_received && *signal_received)
1298 if (signal_received)
1311 msg(
M_INFO,
"TCP/UDP: Preserving recently used remote address: %s",
1352 const char *remote_host = o->
ce.
remote;
1396 sock->gremlin = o->gremlin;
1405 if (o->port_share_host && o->port_share_port)
1497#if EXTENDED_SOCKET_ERROR_CAPABILITY
1499 set_sock_extended_error_passing(sock->
sd, sock->
info.
af);
1517 struct addrinfo *cur;
1520 if (!ai_family || ai_family == cur->ai_family)
1526 msg(msglevel,
"%s link local (bound): %s",
1531 msg(msglevel,
"%s link local: (not bound)",
1578 bool proxy_retry =
false;
1607 }
while (proxy_retry);
1662 const char *device_guid = NULL;
1666 static_assert(
sizeof(sock->
sd) ==
sizeof(tt->
hand),
"HANDLE and SOCKET size differs");
1705 sig_save = *sig_info;
1738 if (sock->
info.
af == AF_UNSPEC)
1740 msg(
M_WARN,
"Could not determine IPv4/IPv6 protocol. Using %s",
1751 msg(
M_WARN,
"Could not determine IPv4/IPv6 protocol");
1773#ifdef TARGET_ANDROID
1808 const int gremlin = GREMLIN_CONNECTION_FLOOD_LEVEL(sock->gremlin);
1810 const int gremlin = 0;
1820 msg(
D_LOW,
"TCP/UDP: Closing socket");
1894 buf_printf(&out,
"Peer Connection Initiated with %s",
1908 != OPENVPN_PLUGIN_FUNC_SUCCESS)
1910 msg(
M_WARN,
"WARNING: ipchange plugin call failed");
1933 struct addrinfo *ai;
1940 "TCP/UDP: Incoming packet rejected from %s[%d], expected peer address: %s (allow this incoming source address/port by removing --remote or adding --float)",
1987 return ntohl(((
struct sockaddr_in *)lsa->
current_remote->ai_addr)->sin_addr.s_addr);
1995const struct in6_addr *
2017 return &(((
struct sockaddr_in6 *)lsa->
current_remote->ai_addr)->sin6_addr);
2072 sb->residual_fully_formed =
false;
2073 sb->buf =
sb->buf_init;
2081 sb->buf_init = *buf;
2082 sb->maxlen =
sb->buf_init.
len;
2083 sb->buf_init.len = 0;
2087 sb->port_share_state =
2101static inline struct buffer
2108 next.
len = (
sb->len >= 0 ?
sb->len :
sb->maxlen) -
sb->buf.len;
2135 if (
sb->residual.len && !
sb->residual_fully_formed)
2141 sb->residual_fully_formed ?
"YES" :
"NO",
sb->residual.len);
2144 return !
sb->residual_fully_formed;
2203 if (
sb->len < 1 ||
sb->len >
sb->maxlen)
2206 "WARNING: Bad encapsulated packet length from peer (%d), which must be > 0 and <= %d -- please ensure that --tun-mtu or --link-mtu is equal on both peers -- this condition could also indicate a possible active attack on the TCP link -- [Attempting restart...]",
2207 sb->len,
sb->maxlen);
2215 if (
sb->len > 0 &&
sb->buf.len >=
sb->len)
2219 if (
sb->buf.len >
sb->len)
2268 "ERROR: received strange incoming packet with an address length of %d -- we only accept address lengths of %d.",
2290 msg(
M_INFO,
"BUG: link_socket_read_tcp(): sock->sd==-1, reset client instance");
2292 return buf->
len = 0;
2322 return buf->
len = 0;
2328#if ENABLE_IP_PKTINFO
2333#if defined(HAVE_IN_PKTINFO) && defined(HAVE_IPI_SPEC_DST)
2334#define PKTINFO_BUF_SIZE \
2335 max_int(CMSG_SPACE(sizeof(struct in6_pktinfo)), CMSG_SPACE(sizeof(struct in_pktinfo)))
2337#define PKTINFO_BUF_SIZE \
2338 max_int(CMSG_SPACE(sizeof(struct in6_pktinfo)), CMSG_SPACE(sizeof(struct in_addr)))
2346 uint8_t pktinfo_buf[PKTINFO_BUF_SIZE];
2347 struct msghdr mesg = { 0 };
2348 socklen_t fromlen =
sizeof(from->
dest.
addr);
2352 iov.iov_base =
BPTR(buf);
2354 mesg.msg_iov = &iov;
2355 mesg.msg_iovlen = 1;
2357 mesg.msg_namelen = fromlen;
2358 mesg.msg_control = pktinfo_buf;
2359 mesg.msg_controllen =
sizeof pktinfo_buf;
2360 buf->
len = recvmsg(sock->
sd, &mesg, 0);
2363 struct cmsghdr *cmsg;
2364 fromlen = mesg.msg_namelen;
2365 cmsg = CMSG_FIRSTHDR(&mesg);
2366 if (cmsg != NULL && CMSG_NXTHDR(&mesg, cmsg) == NULL
2367#
if defined(HAVE_IN_PKTINFO) && defined(HAVE_IPI_SPEC_DST)
2368 && cmsg->cmsg_level ==
SOL_IP && cmsg->cmsg_type == IP_PKTINFO
2369 && cmsg->cmsg_len >= CMSG_LEN(
sizeof(
struct in_pktinfo)))
2370#elif defined(IP_RECVDSTADDR)
2371 && cmsg->cmsg_level == IPPROTO_IP && cmsg->cmsg_type == IP_RECVDSTADDR
2372 && cmsg->cmsg_len >= CMSG_LEN(
sizeof(
struct in_addr)))
2374#error
ENABLE_IP_PKTINFO is set without IP_PKTINFO xor IP_RECVDSTADDR (fix syshead.h)
2377#if defined(HAVE_IN_PKTINFO) && defined(HAVE_IPI_SPEC_DST)
2378 struct in_pktinfo *pkti = (
struct in_pktinfo *)CMSG_DATA(cmsg);
2379 from->pi.in4.ipi_ifindex =
2381 from->pi.in4.ipi_spec_dst = pkti->ipi_spec_dst;
2382#elif defined(IP_RECVDSTADDR)
2383 from->pi.in4 = *(
struct in_addr *)CMSG_DATA(cmsg);
2385#error ENABLE_IP_PKTINFO is set without IP_PKTINFO xor IP_RECVDSTADDR (fix syshead.h)
2388 else if (cmsg != NULL && CMSG_NXTHDR(&mesg, cmsg) == NULL
2389 && cmsg->cmsg_level == IPPROTO_IPV6 && cmsg->cmsg_type == IPV6_PKTINFO
2390 && cmsg->cmsg_len >= CMSG_LEN(
sizeof(
struct in6_pktinfo)))
2392 struct in6_pktinfo *pkti6 = (
struct in6_pktinfo *)CMSG_DATA(cmsg);
2393 from->pi.in6.ipi6_ifindex =
2395 from->pi.in6.ipi6_addr = pkti6->ipi6_addr;
2397 else if (cmsg != NULL)
2400 "CMSG received that cannot be parsed (cmsg_level=%d, cmsg_type=%d, cmsg=len=%d)",
2401 (
int)cmsg->cmsg_level, (
int)cmsg->cmsg_type, (
int)cmsg->cmsg_len);
2413 socklen_t fromlen =
sizeof(from->
dest.
addr);
2419#if ENABLE_IP_PKTINFO
2423 fromlen = link_socket_read_udp_posix_recvmsg(sock, buf, from);
2432 if (buf->
len >= 0 && expectedlen && fromlen != expectedlen)
2456 return link_socket_write_tcp_posix(sock, buf);
2460#if defined(__GNUC__) || defined(__clang__)
2461#pragma GCC diagnostic pop
2464#if ENABLE_IP_PKTINFO
2467link_socket_write_udp_posix_sendmsg(
struct link_socket *sock,
struct buffer *buf,
2472 struct cmsghdr *cmsg;
2473 uint8_t pktinfo_buf[PKTINFO_BUF_SIZE];
2475 iov.iov_base =
BPTR(buf);
2476 iov.iov_len =
BLENZ(buf);
2477 mesg.msg_iov = &iov;
2478 mesg.msg_iovlen = 1;
2484 mesg.msg_namelen =
sizeof(
struct sockaddr_in);
2485 mesg.msg_control = pktinfo_buf;
2487#if defined(HAVE_IN_PKTINFO) && defined(HAVE_IPI_SPEC_DST)
2488 mesg.msg_controllen = CMSG_SPACE(
sizeof(
struct in_pktinfo));
2489 cmsg = CMSG_FIRSTHDR(&mesg);
2490 cmsg->cmsg_len = CMSG_LEN(
sizeof(
struct in_pktinfo));
2491 cmsg->cmsg_level =
SOL_IP;
2492 cmsg->cmsg_type = IP_PKTINFO;
2494 struct in_pktinfo *pkti;
2495 pkti = (
struct in_pktinfo *)CMSG_DATA(cmsg);
2496 pkti->ipi_ifindex = to->pi.in4.ipi_ifindex;
2497 pkti->ipi_spec_dst = to->pi.in4.ipi_spec_dst;
2498 pkti->ipi_addr.s_addr = 0;
2500#elif defined(IP_RECVDSTADDR)
2501 ASSERT(CMSG_SPACE(
sizeof(
struct in_addr)) <=
sizeof(pktinfo_buf));
2502 mesg.msg_controllen = CMSG_SPACE(
sizeof(
struct in_addr));
2503 cmsg = CMSG_FIRSTHDR(&mesg);
2504 cmsg->cmsg_len = CMSG_LEN(
sizeof(
struct in_addr));
2505 cmsg->cmsg_level = IPPROTO_IP;
2506 cmsg->cmsg_type = IP_RECVDSTADDR;
2507 *(
struct in_addr *)CMSG_DATA(cmsg) = to->pi.in4;
2509#error ENABLE_IP_PKTINFO is set without IP_PKTINFO xor IP_RECVDSTADDR (fix syshead.h)
2516 struct in6_pktinfo *pkti6;
2518 mesg.msg_namelen =
sizeof(
struct sockaddr_in6);
2520 ASSERT(CMSG_SPACE(
sizeof(
struct in6_pktinfo)) <=
sizeof(pktinfo_buf));
2521 mesg.msg_control = pktinfo_buf;
2522 mesg.msg_controllen = CMSG_SPACE(
sizeof(
struct in6_pktinfo));
2524 cmsg = CMSG_FIRSTHDR(&mesg);
2525 cmsg->cmsg_len = CMSG_LEN(
sizeof(
struct in6_pktinfo));
2526 cmsg->cmsg_level = IPPROTO_IPV6;
2527 cmsg->cmsg_type = IPV6_PKTINFO;
2529 pkti6 = (
struct in6_pktinfo *)CMSG_DATA(cmsg);
2530 pkti6->ipi6_ifindex = to->pi.in6.ipi6_ifindex;
2531 pkti6->ipi6_addr = to->pi.in6.ipi6_addr;
2538 return sendmsg(sock->
sd, &mesg, 0);
2554 return GetLastError();
2557 return WSAGetLastError();
2586 wsabuf[0].len = maxsize ? maxsize :
BLEN(&sock->
reads.
buf);
2594 status = ReadFile((HANDLE)sock->
sd, wsabuf[0].buf, wsabuf[0].len, &sock->
reads.
size,
2633 dmsg(
D_WIN32_IO,
"WIN32 I/O: Socket Receive immediate return [%d,%d]",
2634 (
int)wsabuf[0].len, (
int)sock->
reads.
size);
2639 if (
status == WSA_IO_PENDING)
2643 dmsg(
D_WIN32_IO,
"WIN32 I/O: Socket Receive queued [%d]", (
int)wsabuf[0].len);
2651 dmsg(
D_WIN32_IO,
"WIN32 I/O: Socket Receive error [%d]: %s", (
int)wsabuf[0].len,
2683 status = WriteFile((HANDLE)sock->
sd, wsabuf[0].buf, wsabuf[0].len, &sock->
writes.
size,
2731 dmsg(
D_WIN32_IO,
"WIN32 I/O: Socket Send immediate return [%d,%d]", (
int)wsabuf[0].len,
2738 if (
status == WSA_IO_PENDING ||
status == ERROR_IO_PENDING)
2742 dmsg(
D_WIN32_IO,
"WIN32 I/O: Socket Send queued [%d]", (
int)wsabuf[0].len);
2751 dmsg(
D_WIN32_IO,
"WIN32 I/O: Socket Send error [%d]: %s", (
int)wsabuf[0].len,
2774 case sizeof(
struct sockaddr_in):
2775 case sizeof(struct sockaddr_in6):
2778 case sizeof(struct sockaddr_in6) - 4:
2785 switch (io->addr.sin_family)
2788 memcpy(dst, &io->
addr,
sizeof(
struct sockaddr_in));
2792 memcpy(dst, &io->
addr6,
sizeof(
struct sockaddr_in6));
2816 const struct sockaddr *sa = (
const struct sockaddr *)
BPTR(buf);
2817 switch (sa->sa_family)
2820 sa_len =
sizeof(
struct sockaddr_in);
2824 "ERROR: received incoming packet with too short length of %d -- must be at least %d.",
2827 memcpy(dst, sa, sa_len);
2832 sa_len =
sizeof(
struct sockaddr_in6);
2836 "ERROR: received incoming packet with too short length of %d -- must be at least %d.",
2839 memcpy(dst, sa, sa_len);
2844 msg(
M_FATAL,
"ERROR: received incoming packet with invalid address family %d.",
2908 dmsg(
D_WIN32_IO,
"WIN32 I/O: Completion non-queued success [%d]", ret);
2947 unsigned int *persistent)
2954 rwflags &= ~EVENT_READ;
2965 if (!persistent || *persistent != rwflags)
2970 *persistent = rwflags;
2989#if UNIX_SOCK_SUPPORT
2996sockaddr_unix_name(
const struct sockaddr_un *local,
const char *null)
2998 if (local && local->sun_family == PF_UNIX)
3000 return local->sun_path;
3009create_socket_unix(
void)
3013 if ((sd = socket(PF_UNIX, SOCK_STREAM, 0)) < 0)
3015 msg(
M_ERR,
"Cannot create unix domain socket");
3029 const mode_t orig_umask = umask(0);
3031 if (bind(sd, (
struct sockaddr *)local,
sizeof(
struct sockaddr_un)))
3033 msg(
M_FATAL |
M_ERRNO,
"%s: Socket bind[%d] failed on unix domain socket %s", prefix,
3034 (
int)sd, sockaddr_unix_name(local,
"NULL"));
3044 socklen_t remote_len =
sizeof(
struct sockaddr_un);
3048 ret = accept(sd, (
struct sockaddr *)remote, &remote_len);
3061 int status = connect(sd, (
struct sockaddr *)remote,
sizeof(
struct sockaddr_un));
3070sockaddr_unix_init(
struct sockaddr_un *local,
const char *path)
3072 local->sun_family = PF_UNIX;
3073 strncpynt(local->sun_path, path,
sizeof(local->sun_path));
3077socket_delete_unix(
const struct sockaddr_un *local)
3079 const char *name = sockaddr_unix_name(local, NULL);
3080 if (name && strlen(name))
3089#ifdef HAVE_GETPEEREID
3092 if (getpeereid(sd, &u, &g) == -1)
3105#elif defined(SO_PEERCRED)
3106 struct ucred peercred;
3107 socklen_t so_len =
sizeof(peercred);
3108 if (getsockopt(sd, SOL_SOCKET, SO_PEERCRED, &peercred, &so_len) == -1)
3114 *uid = peercred.uid;
3118 *gid = peercred.gid;
void argv_parse_cmd(struct argv *argres, const char *cmdstr)
Parses a command string, tokenizes it and puts each element into a separate struct argv argument slot...
void argv_free(struct argv *a)
Frees all memory allocations allocated by the struct argv related functions.
bool argv_printf(struct argv *argres, const char *format,...)
printf() variant which populates a struct argv.
bool argv_printf_cat(struct argv *argres, const char *format,...)
printf() inspired argv concatenation.
struct argv argv_new(void)
Allocates a new struct argv and ensures it is initialised.
void free_buf(struct buffer *buf)
bool buf_printf(struct buffer *buf, const char *format,...)
struct buffer alloc_buf_gc(size_t size, struct gc_arena *gc)
struct buffer alloc_buf(size_t size)
void gc_addspecial(void *addr, void(*free_function)(void *), struct gc_arena *a)
static bool buf_copy(struct buffer *dest, const struct buffer *src)
static bool buf_copy_excess(struct buffer *dest, struct buffer *src, int len)
static bool buf_write_prepend(struct buffer *dest, const void *src, int size)
static bool buf_safe(const struct buffer *buf, size_t len)
static bool buf_read(struct buffer *src, void *dest, int size)
static int buf_len(const struct buffer *buf)
static int buf_forward_capacity(const struct buffer *buf)
static bool buf_advance(struct buffer *buf, ssize_t size)
#define ALLOC_OBJ_CLEAR_GC(dptr, type, gc)
static void strncpynt(char *dest, const char *src, size_t maxlen)
static void gc_free(struct gc_arena *a)
#define ALLOC_OBJ_CLEAR(dptr, type)
static bool buf_defined(const struct buffer *buf)
#define buf_init(buf, offset)
static void gc_freeaddrinfo_callback(void *addr)
static struct gc_arena gc_new(void)
static int buf_forward_capacity_total(const struct buffer *buf)
void dco_mp_start_vpn(HANDLE handle, struct link_socket *sock)
Initializes and binds the kernel UDP transport socket for multipeer mode.
void dco_p2p_new_peer(HANDLE handle, OVERLAPPED *ov, struct link_socket *sock, struct signal_info *sig_info)
void setenv_str(struct env_set *es, const char *name, const char *value)
static void event_ctl(struct event_set *es, event_t event, unsigned int rwflags, void *arg)
void set_nonblock(socket_descriptor_t fd)
void set_cloexec(socket_descriptor_t fd)
static void openvpn_fd_set(socket_descriptor_t fd, fd_set *setp)
int get_server_poll_remaining_time(struct event_timeout *server_poll_timeout)
Interface functions to the internal and external multiplexers.
static SERVICE_STATUS status
void management_set_state(struct management *man, const int state, const char *detail, const in_addr_t *tun_local_ip, const struct in6_addr *tun_local_ip6, const struct openvpn_sockaddr *local, const struct openvpn_sockaddr *remote)
void management_sleep(const int n)
A sleep function that services the management layer for n seconds rather than doing nothing.
#define OPENVPN_STATE_TCP_CONNECT
void alloc_buf_sock_tun(struct buffer *buf, const struct frame *frame)
void set_mtu_discover_type(socket_descriptor_t sd, int mtu_type, sa_family_t proto_af)
const char * strerror_win32(DWORD errnum, struct gc_arena *gc)
#define MODE_POINT_TO_POINT
static bool dco_enabled(const struct options *o)
Returns whether the current configuration has dco enabled.
bool plugin_defined(const struct plugin_list *pl, const int type)
static int plugin_call(const struct plugin_list *pl, const int type, const struct argv *av, struct plugin_return *pr, struct env_set *es)
bool establish_http_proxy_passthru(struct http_proxy_info *p, socket_descriptor_t sd, const char *host, const char *port, struct event_timeout *server_poll_timeout, struct buffer *lookahead, struct signal_info *sig_info)
static int openvpn_run_script(const struct argv *a, const struct env_set *es, const unsigned int flags, const char *hook)
Will run a script and return the exit code of the script if between 0 and 255, -1 otherwise.
void throw_signal_soft(const int signum, const char *signal_text)
Throw a soft global signal.
int signal_reset(struct signal_info *si, int signum)
Clear the signal if its current value equals signum.
void throw_signal(const int signum)
Throw a hard signal.
struct signal_info siginfo_static
void register_signal(struct signal_info *si, int signum, const char *signal_text)
Register a soft signal in the signal_info struct si respecting priority.
static void get_signal(volatile int *sig)
Copy the global signal_received (if non-zero) to the passed-in argument sig.
void link_socket_init_phase1(struct context *c, int sock_index, int mode)
static int get_cached_dns_entry(struct cached_dns_entry *dns_cache, const char *hostname, const char *servname, int ai_family, unsigned int resolve_flags, struct addrinfo **ai)
static void resolve_bind_local(struct link_socket *sock, const sa_family_t af)
static int socket_get_sndbuf(socket_descriptor_t sd)
static void socket_set_sndbuf(socket_descriptor_t sd, int size)
void link_socket_init_phase2(struct context *c, struct link_socket *sock)
int socket_send_queue(struct link_socket *sock, struct buffer *buf, const struct link_socket_actual *to)
static void ipchange_fmt(const bool include_cmd, struct argv *argv, const struct link_socket_info *info, struct gc_arena *gc)
static int socket_get_last_error(const struct link_socket *sock)
ssize_t link_socket_write_tcp(struct link_socket *sock, struct buffer *buf, struct link_socket_actual *to)
void link_socket_update_buffer_sizes(struct link_socket *sock, int rcvbuf, int sndbuf)
static socket_descriptor_t create_socket_udp(struct addrinfo *addrinfo, const unsigned int flags)
static void create_socket(struct link_socket *sock, struct addrinfo *addr)
const struct in6_addr * link_socket_current_remote_ipv6(const struct link_socket_info *info)
void set_actual_address(struct link_socket_actual *actual, struct addrinfo *ai)
const char * socket_stat(const struct link_socket *s, unsigned int rwflags, struct gc_arena *gc)
static int do_preresolve_host(struct context *c, const char *hostname, const char *servname, const int af, const unsigned int flags)
void bad_address_length(int actual, int expected)
static bool stream_buf_added(struct stream_buf *sb, int length_added)
This will determine if sb->buf contains a full packet.
event_t socket_listen_event_handle(struct link_socket *s)
void sd_close(socket_descriptor_t *sd)
static void linksock_print_addr(struct link_socket *sock)
static socket_descriptor_t socket_listen_accept(socket_descriptor_t sd, struct link_socket_actual *act, const struct addrinfo *local, bool do_listen, bool nowait, volatile int *signal_received)
static void socket_set_mark(socket_descriptor_t sd, int mark)
static void socket_set_rcvbuf(socket_descriptor_t sd, int size)
static void stream_buf_close(struct stream_buf *sb)
static void stream_buf_get_final(struct stream_buf *sb, struct buffer *buf)
Sets the parameter buf to the current buffer of sb->buf.
static void socket_connect(socket_descriptor_t *sd, const struct sockaddr *dest, const int connect_timeout, struct signal_info *sig_info)
static void bind_local(struct link_socket *sock, const sa_family_t ai_family)
static void phase2_socks_client(struct link_socket *sock, struct signal_info *sig_info)
static bool socket_set_tcp_nodelay(socket_descriptor_t sd, int state)
static int get_addr_generic(sa_family_t af, unsigned int flags, const char *hostname, void *network, unsigned int *netbits, int resolve_retry_seconds, struct signal_info *sig_info, msglvl_t msglevel)
socket_descriptor_t socket_do_accept(socket_descriptor_t sd, struct link_socket_actual *act, const bool nowait)
static void socket_do_listen(socket_descriptor_t sd, const struct addrinfo *local, bool do_listen, bool do_set_nonblock)
static void phase2_tcp_server(struct link_socket *sock, struct signal_info *sig_info)
int socket_recv_queue(struct link_socket *sock, int maxsize)
void link_socket_close(struct link_socket *sock)
bool get_ipv6_addr(const char *hostname, struct in6_addr *network, unsigned int *netbits, msglvl_t msglevel)
Translate an IPv6 addr or hostname from string form to in6_addr.
void link_socket_connection_initiated(struct link_socket_info *info, const struct link_socket_actual *act, const char *common_name, struct env_set *es)
void socket_set_buffers(socket_descriptor_t fd, const struct socket_buffer_size *sbs, bool reduce_size)
Sets the receive and send buffer sizes of a socket descriptor.
bool stream_buf_read_setup_dowork(struct stream_buf *sb)
Will try to check if the buffers in stream form a full packet.
static bool streqnull(const char *a, const char *b)
static void phase2_set_socket_flags(struct link_socket *sock)
static void resolve_remote(struct link_socket *sock, int phase, struct signal_info *sig_info)
void link_socket_bad_outgoing_addr(void)
int sockethandle_finalize(sockethandle_t sh, struct overlapped_io *io, struct buffer *buf, struct link_socket_actual *from)
in_addr_t link_socket_current_remote(const struct link_socket_info *info)
static int socket_get_rcvbuf(socket_descriptor_t sd)
int link_socket_read_tcp(struct link_socket *sock, struct buffer *buf)
int openvpn_connect(socket_descriptor_t sd, const struct sockaddr *remote, int connect_timeout, volatile int *signal_received)
unsigned int socket_set(struct link_socket *s, struct event_set *es, unsigned int rwflags, void *arg, unsigned int *persistent)
static struct buffer stream_buf_get_next(struct stream_buf *sb)
Return a buffer that is backed by the same backend as sb->buf that determines where the next read sho...
static unsigned int sf2gaf(const unsigned int getaddr_flags, const unsigned int sockflags)
void do_preresolve(struct context *c)
void link_socket_bad_incoming_addr(struct buffer *buf, const struct link_socket_info *info, const struct link_socket_actual *from_addr)
static void phase2_tcp_client(struct link_socket *sock, struct signal_info *sig_info)
void socket_bind(socket_descriptor_t sd, struct addrinfo *local, int ai_family, const char *prefix, bool ipv6only)
socket_descriptor_t create_socket_tcp(struct addrinfo *addrinfo)
static void socket_frame_init(const struct frame *frame, struct link_socket *sock)
static void stream_buf_reset(struct stream_buf *sb)
resets the stream buffer to be set up for the next round of reassembling a packet
static void create_socket_dco_win(struct context *c, struct link_socket *sock, struct signal_info *sig_info)
static void tcp_connection_established(const struct link_socket_actual *act)
static bool socket_set_flags(socket_descriptor_t sd, unsigned int sockflags)
struct link_socket * link_socket_new(void)
static int read_sockaddr_from_packet(struct buffer *buf, struct sockaddr *dst)
Extracts a sockaddr from a packet payload.
bool sockets_read_residual(const struct context *c)
in_addr_t getaddr(unsigned int flags, const char *hostname, int resolve_retry_seconds, bool *succeeded, struct signal_info *sig_info)
Translate an IPv4 addr or hostname from string form to in_addr_t.
void setenv_trusted(struct env_set *es, const struct link_socket_info *info)
void read_sockaddr_from_overlapped(struct overlapped_io *io, struct sockaddr *dst, int overlapped_ret)
bool link_socket_update_flags(struct link_socket *sock, unsigned int sockflags)
static void stream_buf_init(struct stream_buf *sb, struct buffer *buf, const unsigned int sockflags, const int proto)
static event_t socket_event_handle(const struct link_socket *sock)
#define IPV4_INVALID_ADDR
static BOOL SocketHandleGetOverlappedResult(sockethandle_t sh, struct overlapped_io *io)
#define LS_MODE_TCP_ACCEPT_FROM
static bool link_socket_connection_oriented(const struct link_socket *sock)
static bool stream_buf_read_setup(struct link_socket *sock)
static void SocketHandleSetLastError(sockethandle_t sh, DWORD err)
static int SocketHandleGetLastError(sockethandle_t sh)
static void SocketHandleSetInvalError(sockethandle_t sh)
#define RESOLV_RETRY_INFINITE
#define SF_USE_IP_PKTINFO
uint16_t packet_size_type
static bool socket_is_dco_win(const struct link_socket *s)
Returns true if we are on Windows and this link is running on DCO-WIN.
#define SF_HOST_RANDOMIZE
#define SF_GETADDRINFO_DGRAM
#define LS_MODE_TCP_LISTEN
static int openvpn_select(socket_descriptor_t nfds, fd_set *readfds, fd_set *writefds, fd_set *exceptfds, struct timeval *timeout)
static int link_socket_write_win32(struct link_socket *sock, struct buffer *buf, struct link_socket_actual *to)
#define SF_PKTINFO_COPY_IIF
#define openvpn_close_socket(s)
static int openvpn_bind(socket_descriptor_t sockfd, const struct sockaddr *addr, size_t addrlen)
const char * proto2ascii(int proto, sa_family_t af, bool display_form)
int openvpn_getaddrinfo(unsigned int flags, const char *hostname, const char *servname, int resolve_retry_seconds, struct signal_info *sig_info, int ai_family, struct addrinfo **res)
const char * print_sockaddr_ex(const struct sockaddr *sa, const char *separator, const unsigned int flags, struct gc_arena *gc)
void setenv_link_socket_actual(struct env_set *es, const char *name_prefix, const struct link_socket_actual *act, const unsigned int flags)
const char * print_link_socket_actual(const struct link_socket_actual *act, struct gc_arena *gc)
const char * print_link_socket_actual_ex(const struct link_socket_actual *act, const char *separator, const unsigned int flags, struct gc_arena *gc)
const char * addr_family_name(int af)
static const char * print_sockaddr(const struct sockaddr *addr, struct gc_arena *gc)
#define GETADDR_CACHE_MASK
static bool link_socket_actual_defined(const struct link_socket_actual *act)
static bool proto_is_udp(int proto)
Returns if the protocol being used is UDP.
#define GETADDR_UPDATE_MANAGEMENT_STATE
static bool addr_local(const struct sockaddr *addr)
#define GETADDR_HOST_ORDER
#define PS_SHOW_PORT_IF_DEFINED
#define GETADDR_RANDOMIZE
static bool proto_is_tcp(int proto)
returns if the proto is a TCP variant (tcp-server, tcp-client or tcp)
static void addr_zero_host(struct openvpn_sockaddr *addr)
static bool proto_is_dgram(int proto)
Return if the protocol is datagram (UDP)
static int af_addr_size(sa_family_t af)
#define GETADDR_MENTION_RESOLVE_RETRY
#define GETADDR_WARN_ON_SIGNAL
void establish_socks_proxy_passthru(struct socks_proxy_info *p, socket_descriptor_t sd, const char *host, const char *servname, struct event_timeout *server_poll_timeout, struct signal_info *sig_info)
void establish_socks_proxy_udpassoc(struct socks_proxy_info *p, socket_descriptor_t ctrl_sd, struct openvpn_sockaddr *relay_addr, struct event_timeout *server_poll_timeout, struct signal_info *sig_info)
Wrapper structure for dynamically allocated memory.
int len
Length in bytes of the actual content within the allocated memory.
int offset
Offset in bytes of the actual content within the allocated memory.
struct cached_dns_entry * next
struct local_list * local_list
const char * socks_proxy_port
struct http_proxy_options * http_proxy_options
const char * socks_proxy_server
struct connection_entry ** array
struct link_socket_addr * link_socket_addrs
Local and remote addresses on the external network.
struct http_proxy_info * http_proxy
struct socks_proxy_info * socks_proxy
struct cached_dns_entry * dns_cache
struct tuntap * tuntap
Tun/tap virtual network interface.
struct event_timeout server_poll_interval
const struct link_socket * accept_from
struct link_socket ** link_sockets
Contains all state information for one tunnel.
int mode
Role of this context within the OpenVPN process.
struct signal_info * sig
Internal error signaling object.
struct plugin_list * plugins
List of plug-ins.
struct context_2 c2
Level 2 context.
struct options options
Options loaded from command line or configuration file.
struct gc_arena gc
Garbage collection arena for allocations done in the scope of this context structure.
struct context_1 c1
Level 1 context.
struct link_socket * sock
Packet geometry parameters.
Garbage collection arena used to keep track of dynamically allocated memory.
struct http_proxy_options options
struct openvpn_sockaddr dest
struct link_socket_actual actual
struct addrinfo * remote_list
struct addrinfo * bind_local
struct addrinfo * current_remote
bool connection_established
struct link_socket_addr * lsa
const char * ipchange_command
const struct plugin_list * plugins
struct event_timeout * server_poll_timeout
unsigned int rwflags_debug
struct socket_buffer_size socket_buffer_sizes
struct link_socket_actual socks_relay
struct rw_handle listen_handle
struct link_socket_info info
const char * proxy_dest_port
struct rw_handle rw_handle
struct overlapped_io writes
socket_descriptor_t ctrl_sd
struct stream_buf stream_buf
struct socks_proxy_info * socks_proxy
int resolve_retry_seconds
const char * proxy_dest_host
struct http_proxy_info * http_proxy
struct cached_dns_entry * dns_cache
struct buffer stream_buf_data
struct event_arg ev_arg
this struct will store a pointer to either mi or link_socket, depending on the event type,...
struct overlapped_io reads
struct local_entry ** array
struct man_connection connection
union openvpn_sockaddr::@27 addr
int resolve_retry_seconds
const char * ip_remote_hint
struct connection_entry ce
struct sockaddr_in6 addr6
volatile int signal_received
struct used to extract packets encapsulated in streams into a buffer, in this case OpenVPN packets (d...
struct buffer residual
buffer holding the excess bytes that are not part of the packet.
bool residual_fully_formed
The buffer in buf contains a full packet without a header.
int maxlen
Maximum length of a packet that we accept.
enum tun_driver_type backend_driver
The backend driver that used for this tun/tap device.
OVERLAPPED dco_new_peer_ov
struct tuntap_options options
unsigned short sa_family_t
SOCKET socket_descriptor_t
static int socket_defined(const socket_descriptor_t sd)
#define ENABLE_IP_PKTINFO
void tun_open_device(struct tuntap *tt, const char *dev_node, const char **device_guid, struct gc_arena *gc)
void init_net_event_win32(struct rw_handle *event, long network_events, socket_descriptor_t sd, unsigned int flags)
void overlapped_io_init(struct overlapped_io *o, const struct frame *frame, BOOL event_state)
void close_net_event_win32(struct rw_handle *event, socket_descriptor_t sd, unsigned int flags)
char * overlapped_io_state_ascii(const struct overlapped_io *o)
void overlapped_io_close(struct overlapped_io *o)
static bool defined_net_event_win32(const struct rw_handle *event)
#define IOSTATE_IMMEDIATE_RETURN
